Focus on Welsh Im&T Systems

FOCUS ON……WELSH IM&T SYSTEMS

Glossary of terms

A&EAccident & Emergency Departments

BMABritish Medical Association

CCGClinical Commissioning Groups – England only

CSUCommissioning Support Unit – England only

GPC WalesGeneral Practitioners Committee, Wales – elected body that represents GPs and prison doctors across Wales

HSCICHealth and Social Care Information Centre

IHRIndividual Health Record – Wales only

NWISNHS Wales Informatics Service

OOHOut of Hours

PCQUISPrimary Care Quality & Information Service – division of Public Health Wales

PRISMRisk stratification toolkit developed for use within Wales – roll out currently on hold whilst it is evaluated

QOFQuality & Outcomes Framework

s 251Section 251 of the NHS Act 2006 provides statutory power to ensure that NHS patient identifiable information needed to support essential NHS activity can be used without the consent of patients. The power can be used only to support medical purposes that are in the interests of patients or the wider public, where consent is not a practicable alternative and where anonymised information will not suffice. Applies to England and Wales.

SAILSwansea Anonymised Information Linkage – Wales databank

SCRSummary Care Record – England only

Overview

GPC Wales has become aware that many practices and patients are unsure regarding the differences between Welsh and English IT services and what this means for patients given their Caldicott guardian responsibilities.

GPC Wales has developed this focus on document covering the following areas:

Section 1 – What is Audit +?

Section 2 – What is the Individual Health Record and how it differs from the Summary care Record in England

Section 3 - What is the SAIL database?

Section 4 - What is care.data and how does it differ from SAIL and what are GPC’s concerns?

Section 5 - How can GPs be confident about IHR, SAIL & Audit +?

Section 6 - Other Welsh programmes / developments

Section1.What is Audit +?

Audit + is the current data quality system that is used by 97% practices across Wales to assist in 2 key areas:

Contract management – QOF (Achievement, tidy up searches etc) & Enhanced Service achievement (e.g. flu and pneumococcal programmes)

Demonstrating engagement and achievement in specific quality areas (including many Enhanced Services, PCQUIS programmes)

Both elements are optional for practices but most practices have found Audit + to be very useful.

The contract is coming to an end – subject to their accepting the contract terms, BMJ informatica were, the successful bidder going forward.

Section 2. What is the Individual Health Record (IHR)?

The IHR in Wales is a more comprehensive view of the patients GP record with some of the major clinical conditions, drug history and allergy information included. This record is currently viewed in OOH, A&E and medical assessment units throughout Wales but is “view only” and protected by an audited “consent to view” model (any extensions to its use is governed by strict processes and GPC Wales is involved in these decisions). The only additions to this record come from the GP practice. Patients can opt out of the IHR if they choose.

How does thisdiffer from Summary Care Record (SCR)?

The SCR is England only and not related to care.data. The SCR is an electronic summary of a patient’s clinical record , it contains information about allergies, prescriptions and adverse reactions. It is constantly updated and can be added to by a range of practitioners not solely the GP. Patients can opt out of the SCR too.

Section 3. What is SAIL?

SAIL is the Secure Anonymised Information Linkage system which is based in Swansea university.

In the SAIL system the patient information is subjected to two processes BEFORE it leaves the practice, the demographic data and the clinical data are separated and each dataset is given the same pseudonym. Each part of the record then is encrypted and goes to a different place. The clinical data goes straight to SAIL and the demographic data goes to NWIS ( Welsh NHS data service) where they acquire a different pseudonym . Therefore two different organizations hold the two keys to the identity of the data. NWIS then sends the demographic data to SAIL where it can be rejoined to the clinical data but in a pseudonymised format that prevents any kind of re-identification.

The SAIL database never allows information to leave the system and has no print or overwrite facility. Researchers can physically visit the site in Swansea to work on the database or gain entry remotely but again there is no facility to take the dataset out of the SAIL database.

Applications for access to SAIL are scrutinized by a Information Governance group which includes BMA members and patient groups. There are researcher contracts in place and rules to cope with rare conditions and small numbers.

The SAIL database is reliant on practices deciding to contribute and allow their patients data to be used in this way. The system is anonymised and has many restrictions around it to ensure the highest quality information governance.

Practices have the option to sign up and we would encourage all practices to do so. Currently a project to match up areas of deprivation to the resources available to practices is underway in SAIL. This will hopefully give us evidence to argue for more resources into primary care to begin to address the continuing inverse care law which is still operating in Wales.

Further details are available via the SAIL website:

Section 4.What is care.data?

This is only applicable to England. The Health & Social Care Act (HASC) 2012 in England incorporates the power to direct the Health and Social Care Information Centre (HSCIC) to collect information from all NHS Care providers which includes General Practice. The aim is to facilitate the linkage of data from all care settings and improve patient services and evaluate patient outcomes throughout their illness across the boundaries between primary and secondary care.

The data extraction from GP surgeries is due to start in the autumn of 2014. The information uploaded for each patient includes the following identifiers NHS number, date of birth, postcode, gender. Also in the upload will be coded information about referrals, NHS prescriptions and other clinical data (e.g. vaccinations, smears, family history, ethnicity etc).. When the information gets to HSCIC, it is linked with hospital data, given a pseudonym and a new record is created which does not reveal the patient’s ‘real world’ identity because the identifiers are removed. This is an automated process.

The HSCIC can release data in 3 formats, anonymous aggregated, pseudonymisedor identifiable data. Identifiable data can only be released with a legal basis such patient consent or approval under s251 of the NHS Act 2006. Currently care.data only has approval to release anonymous or pseudonymous data to commissioners. The care.data service does actually release the data to CCGs and CSUs with a contract explicitly laying out how the data should be used.

Under the mandatory powers of the HSCA GP practices have a legal obligation to provide data to the HSCIC unless an individual patient has registered an objection. Patients can opt out of care.data

Care.data only applies to patients registered with an English GP.

How does care.data differ from SAIL?

The SAIL database relies on practices voluntarily agreeing to give patient data to the system. Care.data uses the powers of the HSCA (England only) to mandate the information from practices.

Both systems use pseudonymisation techniques, the SAIL system has the pseudonymisation keys residing in two different organisations where care.data has all the information in the one “safe haven” the HSCIC (Health and Social care information centre).

Both organizations have automated systems for applying pseudonyms so that no humans see the data after transfer before the pseudonym is applied . Both systems encrypt the data in transmission.

AS stated above the SAIL database does not allow the data in the database to leave the SAIL system, care.data sends out to CCGs and CSUs the datasets for their use under contractual terms. The care.data system has a higher risk here than the SAIL database because once the dataset has gone outside the HSCIC it could be linked , albeit against contract and outside the law, with other databases which would increase the risk of re-identification.

Why are GPC concerned about care.data?

There are two reasons why GPs may be concerned. Firstly, as data controllers they have a responsibility to ensure that any transfer of data from their systems is done legally which means there has to be a legal basis for the transfer and secondly, that they have complied with the terms of the Data Protection Act and followed “fair processing” which involves making reasonable efforts to inform patients of the activity so that they may register an objection to the use of their data.

There has been a great deal of false information in the press about care.data selling patient records to insurance companies. NHS England have made it very clear that they have no intention to sell information but only to use it in anonymised or pseudonymised form for commissioning purposes.

The household leaflet drop organized by NHS England has had variable penetration and many members of the public are still unaware of the issue, this is a concern to GPs who are responsible making reasonable attempts to inform their patients.

Section 5. How can GPs be confident about IHR, SAIL and AUDIT +?

All these programmes have been developed in conjunction with robust governance arrangements and any extensions of use of patient data has been carefully explored following best practice guidance.

Additionally, each of these programmes has engaged the national informatics governance board and GPC Wales (as well as other representatives of the profession) in their development. Patient safety has been placed at centre of all programmes.

Many have been concerned about ensuring their responsibilities as Caldicott Guardians has been discharged appropriately. Whilst we are delighted that GPs are aware of the importance of their responsibilities, given the robust arrangements in place and consultation processes used (including advice from information commissioner) then practices can be confident that their engagement in these programmes is not putting patient information at risk.

Section 6. Other Welsh programmes.

GP2GP – electronic transfer of records will commence in the Spring

My Health On Line – should be available to all practices after migration as some legacy systems do not have functionality to link to My Health On Line.

Individual practices can choose which aspects it wishes to offer patients.

Work on phase 2 is about to be developed which will allow practices to consider enabling patients to have access to investigation results and parts of their record.

PRISMATIC trial – this trial is ongoing in ABMU and further roll out of the PRISM programme remains on hold whilst the evaluation is undertaken

National Intelligent Audit Solution – a platform that is in development and will enable the careful scrutiny of all users accessing any patient information they may be able to allowed to, to ensure it is appropriate and necessary for direct patient care.